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1 CLAIMS : 
2 

1 1 . In an online commerce transaction system including a buyer, a seller, and an 

2 authentication service, a processor-implemented method for authenticating to the seller that the 

3 buyer is authorized to use a payment instrument as part of an online commerce transaction, the 

4 method comprising: 

5 in real-time as part of the online commerce transaction, the authentication service 

6 performing the steps of: 

7 receiving a request to verify that the buyer is authorized to use the payment 

8 instrument; 

□ 9 determining whether the buyer has access to secret information without revealing 

€1 

.03 10 the secret information to the seller, wherein access to the secret 

Qj 11 information verifies authority to use the payment instrument; and 

u 

03 12 responsive to the determination of whether the buyer has access to the secret 

jE 

13 information, transmitting to the seller a response including whether the 

n 14 buyer is authorized to use the payment instrument. 

m 

E IS 

~j 1 2. The method of claim 1 wherein, in real-time as part of the online commerce transaction, 

^ 2 the authentication service further performs the step of: 

3 applying profile information about the buyer to the online commerce transaction. 

1 3. The method of claim 1 further comprising: 

2 responsive to a determination that the buyer has access to the secret information, the 

3 authentication service at least partially processing the payment instrument. 

/ 4. The method of claim 1 further comprising: 

2 the authentication service storing a record of the use of the payment instrument. 
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1 5. The method of claim 4 wherein the record has been digitally signed by the buyer. 

7 6. The method of claim 4 wherein the record has been digitally signed by the authentication 

2 service. 

/ 7. The method of claim 1 further comprising: 

2 prior to the online commerce transaction, the authentication service performing the steps 

3 of: 

4 receiving confirmation information which enables the authentication service to 

5 determine whether the buyer has access to the secret information; and 

6 storing the confirmation information; 

7 wherein the step of determining whether the buyer has access to secret information 

o 

4) 8 comprises: 

£3-3. 
Uj 

'izh 9 retrieving the confirmation information; and 

r j 10 using the confirmation information to determine whether the buyer has access to 

0! 

jj // the secret information. 

5 

Cj 

r"i 1 8. The method of claim 1 wherein the step of receiving a request to verify that the buyer is 

trsf 
fzl 

^ 2 authorized to use the payment instrument includes receiving the request as a result of an offer 

W 3 from the buyer to use the payment instrument. 

/ 9. The method of claim 1 wherein the online commerce transaction system is an HTTP- 

2 based web system. 

/ 10. The method of claim 9 wherein the secret information comprises a private key, and the 

2 privat^key and a corresponding public key form a key pair for use in public-key cryptography. 

1 11. The method of claim 1 0 wherein in real-time as part of the online commerce transaction, 

2 the authentication service further performs the step of: 
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receiving an offer from the buyer to use the payment instrument, wherein the offer is 
digitally signed using the private key. 

12. The method of claim 9 wherein the step of receiving a request to verify that the buyer is 
authorized to use the payment instrument comprises: 

receiving the request as a result of the buyer submitting a form for the online commerce 
transaction using a web browser, the form comprising: 
an action attribute identifying the authentication service; and 
a method attribute for transmitting the request to the authentication service as a 
result of the buyer's submission of the form. 

1 3 . The method of claim 1 2 wherein: 

the request further comprises an address for the seller; and 

the step of transmitting to the seller a response comprises transmitting the response to the 
address included in the request. 

14. The method of claim 9 wherein the step of determining whether the buyer has access to 
secret information comprises: 

transmitting to the buyer a challenge request requesting proof that the buyer has access to 

the secret information; 
receiving from the buyer a challenge response allegedly proving that the buyer has access 

to the secret information; and 
determining on the basis of the challenge response whether the buyer has access to the 

secret information. 

15. The method of claim 14 wherein the challenge request further comprises: 

a description of the online commerce transaction for which the payment instrument is to 
be used; and 
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4 a request for the buyer's consent to use the payment instrument for the online commerce 

5 transaction. 



1 16. The method of claim 9 wherein the step of transmitting to the seller a response including 

2 whether the buyer is authorized to use the payment instrument comprises POSTing the response 

3 to the seller. 



7 17. A software program product for authenticating to a seller that a buyer is authorized to use 

2 a payment instrument as part of an online commerce transaction, the software program product 

3 controlling the operation of a processor by execution of the software by the processor, the 

4 software executing the steps of: 

5 in real-time as part of the online commerce transaction: 

m 6 receiving a request to verify that the buyer is authorized to use the payment 

s 

gj 7 instrument; 

Li. 

pj 8 determining whether the buyer has access to secret information without revealing 

9 the secret information to the seller, wherein access to the secret 

yj. 

^ 10 information verifies authority to use the payment instrument; and 

p 

77 responsive to the determination of whether the buyer has access to the secret 

yJ 

fl J 12 information, transmitting to the seller a response including whether the 

m 

Q 13 buyer is authorized to use the payment instrument. 

E 5 

r ra 

1 18. The software program product of claim 17 wherein, in real-time as part of the online 

2 commerce transaction, the software further performs the step of: 

3 applying profile information about the buyer to the online commerce transaction. 



/ 19. The software program product of claim 17 wherein the software further performs the step 

2 of: 

3 responsive to a determination that the buyer has access to the secret information, at least 

4 partially processing the payment instrument. 
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1 20. The software program product of claim 1 7 wherein the software further performs the step 

2 of: 

3 storing a record of the use of the payment instrument. 

1 21 . The software program product of claim 20 wherein the software further performs the step 

2 of: 

3 digitally signing the record. 

/ 22. The software program product of claim 17 wherein the step of determining whether the 

2 buyer has access to secret information comprises: 

3 retrieving confirmation information; and 

4 using the confirmation information to determine whether the buyer has access to the 
1* 5 secret information. 

m 

23. The software program product of claim 17 wherein the software program product is 
adapted for execution by a web server. 

24. The software program product of claim 23 wherein the secret information comprises a 
private key, and the private key and a corresponding public key form a key pair for use in public- 
key cryptography. 

25. The software program product of claim 24 wherein in real-time as part of the online 
commerce transaction, the software further performs the step of: 

receiving an offer from the buyer to use the payment instrument, wherein the offer is 
digitally signed using the private key. 

26. The software program product of claim 23 wherein the step of receiving a request to 
verify that the buyer is authorized to use the payment instrument comprises: 

receiving the request as a result of the buyer submitting a form for the online commerce 
transaction using a web browser, the form comprising: 
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5 an action attribute identifying the authentication service; and 

6 a method attribute for transmitting the request to the authentication service as a 

7 result of the buyer's submission of the form. 

7 27. The software program product of claim 26 wherein: 

2 the request further comprises an address for the seller; and 

3 the step of transmitting to the seller a response comprises transmitting the response to the 

4 address included in the request. 

7 28. The software program product of claim 23 wherein the step of determining whether the 

2 buyer has access to secret information comprises: 

3 transmitting to the buyer a challenge request requesting proof that the buyer has access to 
P 4 the secret information; 

OT 5 receiving from the buyer a challenge response allegedly proving that the buyer has access 

OS 6 to the secret information; and 

ri 

p| 7 determining on the basis of the challenge response whether the buyer has access to the 

8 secret information. 



•3 

M 



U'i 
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7 29. The software program product of claim 28 wherein the challenge request further 

2 comprises: 

3 a description of the online commerce transaction for which the payment instrument is to 

4 be used; and 

5 a request for the buyer's consent to use the payment instrument for the online commerce 

6 transaction. 

1 30. The software program product of claim 23 wherein the step of transmitting to the seller a 

2 response including whether the buyer is authorized to use the payment instrument comprises 

3 POSTing the response to the seller. 

/ 31. An online commerce transaction system with buyer authentication comprising: 
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2 a seller; 

3 a buyer desiring to use a payment instrument as part of an online commerce transaction 

4 with the seller; and 

5 an authentication service communicatively coupled to the seller, for performing, in real- 

6 time as part of the online commerce transaction, the steps of: 

7 receiving a request to verify that the buyer is authorized to use the payment 

8 instrument; 

9 determining whether the buyer has access to secret information without revealing 

10 the secret information to the seller, wherein access to the secret 

11 information verifies authority to use the payment instrument; and 

12 responsive to the determination of whether the buyer has access to the secret 
Q 13 information, transmitting to the seller a response including whether the 

14 buyer is authorized to use the payment instrument. 



03 



1 32. The system of claim 31 wherein the authentication service is further adapted for storing a 



2 record of use of the payment instrument. 



W / 33. The system of claim 31 wherein the authentication service is communicatively coupled to 



Hi 2 the seller using the HTTP protocol. 



O 

h h 1 34. The system of claim 3 1 wherein the secret information comprises a private key, and the 
2 private key and a corresponding public key form a key pair for use in public-key cryptography. 



2 1 1 90/04967/DOCS/ 1 1 2 11 54.6 



